9 Ttps Jobs

At Capgemini Invent, you will play a crucial role in driving transformation by blending strategic, creative, and scientific capabilities to deliver cutting-edge solutions for our clients. Your expertise in Vulnerability Management tools such as Rapid7, Qualys, and Tenable will be instrumental in implementing and managing security vulnerabilities both on-premises and in the cloud. You will also be responsible for setting up vulnerability scanning profiles and demonstrating a strong understanding of the vulnerability management lifecycle. In addition, your role will entail in-depth knowledge across various core domains including Vulnerability Management, External Attack Surface Management, Container Scanning, Cloud Security Compliance scanning, and Security Configuration Management. It is essential for you to possess knowledge of system security vulnerabilities, remediation techniques, and tactics, as well as the ability to effectively communicate testing findings to managers and network administrators. Your proficiency in simplifying complex technology concepts for non-technical audiences will be highly valued. Your profile should showcase a good understanding of the risk score acceptance process for vulnerabilities, the ability to generate customized reports, and support in mitigating vulnerabilities. Automation knowledge in existing processes, familiarity with Zero Day Vulnerabilities, and understanding of TTPs, MITRE ATT&CK framework, CVSS, OSINT, and deception techniques are also important aspects of this role. Moreover, your comprehension of operating systems, applications, infrastructure, cloud computing services, OWASP, CVSS, MITRE ATT&CK framework, and the software development lifecycle will be beneficial. Strong oral, verbal, and written communication skills are essential for effective collaboration and sharing of insights. Working at Capgemini offers a supportive environment with flexible work arrangements that prioritize work-life balance. You will have access to career growth programs and diverse professional opportunities tailored to your development. Additionally, you can enhance your skills with valuable certifications in cutting-edge technologies like Generative AI. Capgemini is a global leader in business and technology transformation, empowering organizations to navigate the digital and sustainable world with tangible impact. With a diverse team of over 340,000 members in more than 50 countries, Capgemini leverages its 55-year heritage to unlock the value of technology for clients worldwide. From strategy and design to engineering, the company delivers end-to-end services and solutions driven by market-leading capabilities in AI, cloud, and data, complemented by deep industry expertise and a robust partner ecosystem. In 2023, Capgemini reported global revenues of 22.5 billion, reflecting its commitment to addressing the comprehensive business needs of its clients.,

At Capgemini Invent, we believe difference drives change. As inventive transformation consultants, we blend our strategic, creative and scientific capabilities, collaborating closely with clients to deliver cutting-edge solutions. Join us to drive transformation tailored to our client's challenges of today and tomorrow. Informed and validated by science and data. Superpowered by creativity and design. All underpinned by technology created with purpose. Your role involves expertise in Vulnerability Management tools such as Rapid7, Qualys, and Tenable. You should have hands-on experience in implementing and managing security vulnerabilities both on-premises and in the cloud. Additionally, setting up vulnerability scanning profiles and a strong knowledge and understanding of the vulnerability management lifecycle are essential. It is crucial to have in-depth knowledge across all core domains including Vulnerability Management, External Attack Surface Management, Container Scanning, Cloud Security Compliance scanning, and Security Configuration Management. Understanding system security vulnerabilities, remediation techniques, and tactics is required. You should be able to comprehend vulnerability testing methodology and effectively communicate testing findings to managers and network administrators. Furthermore, the ability to communicate complex technology to non-tech audiences in a simple and precise manner is essential. Your Profile should include a good understanding of the risk score acceptance process of vulnerabilities, ability to create customized reports, support in the mitigation of vulnerabilities, and knowledge of automation in the existing process. Understanding of Zero Day Vulnerabilities and their process, TTPs, MITRE ATT&CK framework, CVSS, OSINT, and deception techniques are also important. You should have knowledge of operating systems, applications, infrastructure, and cloud computing services, along with an understanding of OWASP, CVSS, MITRE ATT&CK framework, and the software development lifecycle. Good oral, verbal, and written communication skills are necessary for this role. What you will love about working here is the recognition of the significance of flexible work arrangements to provide support. Whether it's remote work or flexible work hours, you will have an environment that allows for a healthy work-life balance. Career growth is at the heart of our mission, with an array of career growth programs and diverse professions crafted to support you in exploring a world of opportunities. Equip yourself with valuable certifications in the latest technologies such as Generative AI. Capgemini is a global business and technology transformation partner, helping organizations accelerate their dual transition to a digital and sustainable world while creating tangible impact for enterprises and society. With a responsible and diverse group of 340,000 team members in more than 50 countries, Capgemini is trusted by clients to unlock the value of technology to address the entire breadth of their business needs. The Group reported 2023 global revenues of 22.5 billion.,

Key Responsibilities: Design, develop, and deploy advanced threat detection strategies to identify and mitigate sophisticated cyber threats. Analyze tactics, techniques, and procedures (TTPs) used by threat actors and translate them into actionable detection use cases. Utilize the MITRE ATT&CK framework to develop and refine detection methodologies. Collaborate with cross-functional teams to ensure the integration and effectiveness of detection strategies. Continuously improve detection capabilities by staying updated with the latest threat intelligence and industry best practices. Conduct regular assessments and tuning of detection mechanisms to ensure optimal performance. Develop response procedures for detections and collaborate with the automation and engineering teams to implement automated responses. Provide expert guidance and mentorship to junior team members on threat detection and response. Qualifications: 3-9 years of experience in cybersecurity , with a focus on threat detection and response . Proven experience in designing and implementing threat detection strategies . Deep technical knowledge in analyzing cyber threat tactics, techniques, and procedures (TTPs) . Expertise in the MITRE ATT&CK framework and its application in threat detection . Strong analytical and problem-solving skills with the ability to think critically and creatively. Excellent communication and collaboration skills to work effectively with cross-functional teams. Relevant certifications such as CISSP , GIAC , or equivalent are a plus. Preferred Skills: Experience with security information and event management (SIEM) systems. Familiarity with common security solutions like EDR , CASB , DLP , Firewall , IDS/IPS , etc. Knowledge of scripting and automation to enhance detection capabilities. Understanding of network security principles and technologies.

Job description What You'll Do Identify and analyze cyber threats / incidents as part of Eaton's Cyber Security Incident Response Team (CSIRT). Play a key role in the Prevent, Detect, respond strategy to protect Eaton's intellectual property and brand in a highly complex, global, multi-technology, regulated and diversified business environment. Responsible for the health and engineering services of security tools, investigating, analyzing, containing and remediating any potential cyber threat, or cyber security incident that could impact the organization. Provide Eaton with 24/7/365 (on-call rotation) cyber security incident response service with a focus on responding, containing, remediating and recovering cyber incidents across the organization. Respond, investigate, and resolve information security issues, following compliance and investigative standards Manage and coordinate response to any malicious cyber activity inside or against Eaton's assets. Work alarms, cases or incidents from the Level 1 SOC analysts, perform in-depth analysis and triage of threat activity Executes ITSM processes (Change, Request, Incident, Problem management) on technical IT systems at the component level Perform Threat Hunting based on emerging IOCs or vulnerabilities Develop, Refine and maintain incident and alarm rules to focus detection operations Develops and Refines operating procedures to improve efficiency and effectiveness of incident response, e-discovery, internal investigations Execute activities to eliminate malware, advanced persistent threats within a remediation event Execute project tasks to enhance IT Cyber Security capabilities Responsible for Security Engineering Services to include deployment, management, and updating of security stack. Responsible for developing advanced queries, detections, and automation to enhance the organization's security posture and detection capabilities . Improve and enhance detection capabilities to identify insider threats and build Zero Trust foundation Qualifications Bachelor's degree in a technical discipline with 3+ years of relevant experience in cybersecurity. Skills Experience in security operations, cyber security incident response, vulnerability management or IT operations Experience in correlating events from multiple sources to detect suspicious and/or malicious activity. Working knowledge of a broad range of current IT platforms and technologies. Understanding of TTPs, MITRE ATT&CK framework Understanding of operating systems, applications, infrastructure, and cloud computing services. Capacity to comprehend complex technical infrastructure, managed services, and third-party dependencies. Understanding of Cyber Security with relevant work experience and/or relevant certifications. Understanding of common threats, penetration/intrusion techniques and attack vectors. Strong analytical and problem-solving skills Excellent proficiency with the English language (written and verbal). Strong analytical and problem-solving skills. Ability to communicate effectively across all levels of the organization Project management skills: Strong project management, multitasking, and organizational skills.

We are seeking an experienced and proactive Senior Cyber Security Specialist (SOC Analyst L3) to strengthen our Security Operations Center (SOC) capabilities. This role demands deep expertise in threat hunting , incident response , and digital forensics , with a proven ability to operate independently while confidently engaging with clients. The ideal candidate will play a critical role in identifying, analyzing, and mitigating cyber threats to ensure enterprise security posture. Key Responsibilities: Conduct proactive threat hunting across network and endpoint environments using SIEM, EDR, and threat intelligence platforms. Identify and analyze Indicators of Compromise (IOCs) and adversary Tactics, Techniques, and Procedures (TTPs) . Perform incident response activities , including triage, containment, investigation, remediation, and recovery. Execute forensic analysis on compromised Windows and Linux systems to determine root cause and impact. Coordinate with SOC, IT, and business teams during high-severity security events and ensure effective communication. Develop and fine-tune detection rules, correlation logic, and incident response playbooks . Leverage frameworks such as MITRE ATT&CK and integrate threat intelligence to enhance detection and defense capabilities. Generate detailed incident reports, RCA documentation , and post-incident recommendations. Act as a subject matter expert (SME) for security operations and mentor junior analysts. Required Skills & Qualifications: 4 - 6 years of hands-on experience in SOC operations , threat hunting , and incident response . Proven ability to work independently and handle client interactions with professionalism and confidence. Strong knowledge of networking concepts , Windows OS , and Linux OS internals. Proficiency in using SIEM tools (e.g., Splunk, QRadar, Sentinel) and EDR solutions (e.g., CrowdStrike, Carbon Black, Defender). Deep understanding of cyberattack lifecycles , threat vectors, and advanced persistence mechanisms. Solid grasp of MITRE ATT&CK , cyber kill chain , and threat modeling methodologies. Experience in forensic tools and techniques for memory, disk, and network forensics. Excellent analytical , problem-solving , and communication skills (both verbal and written). Certifications: Mandatory: CEH, E|CIH, or equivalent Preferred: GCFA, CHFI, GCIH, or other advanced cybersecurity certification

You will be responsible for creating and implementing new threat detection content, rules, and use cases to deploy in the SIEM platform with different data sets such as Proxy, VPN, Firewall, DLP, etc. In addition, you will assist with process development and process improvement for Security Operations by creating/modifying SOPs, Playbooks, and Work instructions. Your role will also involve developing custom content based on threat intelligence and threat hunting results, as well as identifying gaps in the existing security controls and proposing new security controls. Your expertise in SIEM Engineering and knowledge of integrating various log sources with any SIEM platform will be crucial. Furthermore, you will be expected to perform custom parsing of logs being ingested into the SIEM Platform. To succeed in this role, you should have at least 3 years of experience in Content development and experience in delivering and/or building content on any of the SIEM tools like Splunk, ArcSight, QRadar, Nitro ESM, etc. A deep understanding of the MITRE ATT&CK Framework is essential. Experience in SOC Incident analysis with exposure to information security technologies such as Firewall, VPN, Intrusion detection tools, Malware tools, Authentication tools, endpoint technologies, EDR, and cloud security tools is required. You should also have a good understanding of networking concepts and experience in interpreting, searching, and manipulating data within enterprise logging solutions. In this role, you will be expected to have an in-depth knowledge of security data logs and the ability to create new content on advanced security threats as per Threat Intelligence. You should be able to identify gaps in the existing security controls and have experience in writing queries/rules/use cases for security analytics on platforms like ELK, Splunk, or any other SIEM platform. Familiarity with EDR tools like Crowdstrike and understanding of TTPs like Process Injection are desirable. Excellent communication, listening, facilitation skills, investigative mindset, and problem-solving abilities are essential for this role. Preferred qualifications include understanding of the MITRE ATT&CK framework, demonstrable experience in Use case/rule creation on any SIEM Platform, and familiarity with Chronicle Backstory, YARA, or Crowdstrike rules.,

Greetings from IT.. I am now hiring a Threat Detection Engineer for my Clients. Location: Bangalore, Gurugram. Experience: 6-13 Years N[P: Immediate-30 days Primary skills: Threat hunting, threat intelligence, Splunk In-depth knowledge of external attacks and detection techniques to be able to run analysis of the requirements provided by threat intelligence / SOC teams, generate list of rules that could be implemented (based on self analysis of a threat and avaiable log sources), work with SOC team to operationalize and Purple Team to test.. Familiarity with MITRE ATT&CK framework and Tactics, Techniques, and Procedures (TTPs). Experience with security tools such as Splunk, MDE , Databricks to be able to write custom detections to detect various threats (preferably MDE). Kindly share your resume at chanchal@oitindia.com

Role & responsibilities Primary skills: Threat hunting, threat intelligence, Splunk In-depth knowledge of external attacks and detection techniques to be able to run analysis of the requirements provided by threat intelligence / SOC teams, generate list of rules that could be implemented (based on self analysis of a threat and avaiable log sources), work with SOC team to operationalize and Purple Team to test.. Familiarity with MITRE ATT&CK framework and Tactics, Techniques, and Procedures (TTPs). Experience with security tools such as Splunk, MDE , Databricks to be able to write custom detections to detect various threats (preferably MDE) Preferred candidate profile

Job Description Do you want to lead teams that find and exploit security vulnerabilities in Fortune 100 companies, critical infrastructure, and public sector agencies impacting millions of users? Join Securins Offensive Security Team where you'll emulate real-world attacks and oversee advanced offensive operations. We are a cross-disciplinary group of red teamers, adversarial AI researchers, and software developers dedicated to finding and fixing vulnerabilities across critical digital ecosystems. Role & responsibilities - Lead and perform advanced offensive security assessments, including Red Team operations, threat-based evaluations, and vulnerability exploitation. - Supervise and mentor a team of offensive engineers, manage task prioritization, and ensure high-quality delivery. - Execute Red Team operations on production systems, including AI platforms, using real-world adversarial tactics. - Provide strategic and technical security guidance to internal and external stakeholders. - Collaborate cross-functionally to integrate findings into enterprise detection and defense strategies. - Research and develop adversary TTPs across the full attack lifecycle. - Build tools to automate and scale offensive emulation and vulnerability discovery, utilizing AI/ML systems. - Continuously evaluate and enhance assessment methodologies and frameworks used by the team. - Contribute to the security community through publications, presentations, bug bounties, and open-source projects. Required Qualifications - 5+ years of experience in offensive security, red teaming, or penetration testing with at least 1 year in a leadership role. - Bachelors or Masters degree in Computer Science, Computer Engineering, or relevant field; or equivalent experience. - Expert knowledge of offensive security tactics, threat modeling, APT emulation, and Red Team operations. - Strong understanding of MITRE ATT&CK framework and exploitation of common vulnerabilities. - Proficiency in one or more programming/scripting languages (Python, Go, PowerShell, C/C++, etc.). - Hands-on experience with penetration testing tools such as Metasploit, Burp Suite Pro, NMAP, Nessus, etc. - Familiarity with security in cloud environments (AWS, Azure, GCP) and across Windows/Linux/macOS platforms. - Ability to clearly articulate findings to technical and executive audiences and lead mitigation efforts. - Authorization to work in the country of employment at time of hire and ongoing during employment. Preferred Qualifications - Certifications like OSCP, OSCE, OSEP, CRTO, or equivalent. - Experience with Purple Team operations and threat intelligence integration. - Track record in CTF competitions or bug bounty programs. - Reverse engineering experience or malware analysis expertise. - Exposure to Responsible AI and adversarial machine learning. - Participation in AI Village at DEFCON or similar security research events. - Publications or contributions to conferences such as AISec, NeurIPS, FAccT, or IC4. Other Requirements Ability to meet Securin, customer, and/or government security screening requirements. This includes a background check at the time of hire/transfer and every two years thereafter. Who Should Apply You have experience executing technical research and offensive security strategies with teams. You are skilled in experimental security science and confident in building your own tools. You clearly communicate findings, are mission-driven, and want to drive change in AI and cybersecurity. Role-Specific Policy This hybrid role requires in-office presence at least 50% of the time. Locations: Chennai, Tamil Nadu (India)